March 14, 2023 EXTRA EXTRA READ ALL ABOUT IT!! The U.S. Department of Health and Human Services, through the Office for Civil Rights (OCR), announced the formation of a new Enforcement Division, Policy Division, and Strategic Planning Division. Why isn’t this front-page news? And why did the HHS need to form three new divisions? “OCR’s caseload has multiplied in recent years, increasing to over 51,000 complaints in 2022– an increase of 69 percent between 2017 and 2022,” said OCR Director Melanie Fontes Rainer. “…reorganization improves OCR’s ability to effectively respond to complaints, puts OCR in line with its peers’ structure, and moves OCR into the future.” The OCR will now reflect the structure set by the U.S. Department of Education’s Office for Civil Rights. The Strategic Planning Division will not only work to coordinate public outreach to protect civil rights and health information privacy. They will also expand data analytics and coordinate data collection across HHS leadership. With the OCR being proactive and educating the public on their rights, now would be the time to make sure you are being proactive with HIPAA. What is something to make sure you are staying compliant and one step ahead of the OCR? How about your Security Risk Analysis or the “Crown Jewel” of the OCR as we like to call it. It’s the first thing the OCR asks for when they come knockin’. So why not beat them to the punch? You’ll identify and assess potential threats and vulnerabilities to protected health information (PHI), as well as evaluate the effectiveness of the organization’s security measures and policies. A HIPAA Security Risk Analysis is an ongoing process that must be regularly reviewed and updated to ensure that the organization remains in compliance. Guess what, here at Abyde we automate the entire process for you. Extra, extra, HIPAA violations can result in severe consequences, including fines, legal action, and damage to a healthcare organization’s reputation. Therefore, it is critical for healthcare providers and organizations to prioritize HIPAA compliance and regularly review and update their policies and procedures to ensure they are in line with the latest regulations.